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CHAPTER 


Basic ADMINISTRATION TASKS 


After reading this chapter and completing the exercises, 
you will be able to: 


+ Create and manage Linux user accounts 
+ Install and maintain diverse types of Linux file systems 
+ Manage processes on Linux using basic commands 


n the previous chapter you learned what it means to be a system administra- 

tor. You also learned the role ethics and nontechnical skills play in a sytem 
administrator's daily duties. In addition, you learned about some basic concepts 
related to Linux sytem administration and became familiar with some of the 
most popular administrative utilities. 


In this chapter you look at basic administration tasks, such as working with users, 
processes, and file sytems.You will also learn about the utilities used to manage 
users, processes, and file systems in Linux. 


ADMINISTERING USER ACCOUNTS 


In order to complete any operation in Linux, the user must first log in to a valid user 
account.T he task of setting up and maintaining these user accounts is a large part of the 
work of asystem administrator. In Chapter 4 you learned how to manage the initializa- 
tion files for a user account.T his section provides more details on how to configure and 
manage user accounts. In general, the more user accounts you have on your Linux sys 
tem, the more work is required to keep them all running smoothly. M ore users also 
means more security risks— thus proper management and tracking of user accounts is 
crucial to keeping the sytem running securely and efficiently. 


Before you can thoroughly understand the nature of user accounts, you need to understand 
the stuations in which user accounts are not used. Asa rule, a user account is not required 
when accessing a network service provided on the Linux server. For example, when a per- 
son connects to a Linux sytem using aWeb browser, the remote Web browser does not 
have (or need) a user account. In fact, the remoteW eb browser never actually logsin to the 
Linux system. Instead, the Web server daemon watches for incoming requests and responds 
over the network without allowing the browser to have full access to aLinux user account. 
TheWeb server runs as a certain Linux user (usually as user nobody, to increase security) 
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and uses the access privileges of this user account to read files that are passed back over 
the network to the Web browser. Some types of network services (like telnet or FTP) 
require an account on the Linux system to which a client wishes to connect. O ther ser- 
vices, such as those that send e-mail messages or request Web documents, do not. 


Types of User Accounts 


You are probably familiar with the process of logging in to Linux with a user account that 
lookslike your own name. It'simportant to keep in mind, however, that Linux has many user 
accounts with strange names that serve special purposes on the system. All of these user 
accounts are part of the same “system,” but they have different characteristics according to 
how they are used by the various Linux programsT hree types of user accounts are described 
in the following sections. 


The root Account 


Asyou know, the administrative account (the superuser) on a Linux system isnamed root. 
T he root user account is created when you install Linux, at which time you normally assgn 
a password to that account as well. The root user has authority to complete any operation 
on the Linux system, including changing any configuration information or deleting the 
entire operating system with a single command. The root user on Linux is smilar to the 
admin user on aN etWare server.T he administrative user account on W indowsN T doesnot 
have access to all system files and resources, W indows N T does not have a user account that 
is truly equivalent to the Linux root user. 


Because of the power of the root user, you must not log in as root for your normal work. 
Even though you are the sytem administrator, root is not intended to be your main 
account. Always create a separate account (normally based on your name) and log in using 
this account for normal work.W hen you need to do administrative tasks that require superuser 
privileges (such as creating new user accounts), you need to temporarily change to root 
account privileges complete the administration task, and then return to your normal user 
account.You can temporarily change to root account privileges using the su utility. 


T he su utility (for substitute user) changes any user account's permissions to the permissions 
assgned to another user account.T his is like logging in as a different user. If you smply type 
su, without any parameters, you change to the root account. If you type su followed by a 
username, you change to that user's account. T his utility is useful when you need to tem- 
porarily assume the privileges of another user account for administrative purposes. For exam- 
ple, to assume the permissions of a user named lizw, you would type: 


su - lizw 


This command places you in the home directory of user lizw, with all environment 
settings as they would be for that user. If you omit the hyphen, you are not placed in a 
new directory with new environment settings. Because the root user has all power over 
the system, no password is required to use the su utility when logged in as root. R egular 
users must supply a password when using the su utility. 
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You must be especially careful with the root password. If an intruder obtains 
A this pass word, he or she could inflict severe damage to your Linux system, 
Caution including creating many security holes that will allow the intruder access to 
the system even if the root password is changed later. 


Regular Users 


A regular user account is intended for a person who needs to log in and use the Linux sys- 
tem. Although a regular account can be associated with a role in an organization (you could 
name a user account “manager” or “designer” ), user accounts are commonly associated with 
individuals T he name of the account reflects the name of the individual. For example, C hris 
Lee might have any of the following as a user account name: 


m chris 
m lee 

m clee 

m chrisl 
m Cl 


U ser account names should be no more than eight characters. he example user account names 
for Chris Lee, in the preceding list, are not predefined, but depend on how you decide to set 
up your user accounts. It’s common practice to define a tandard method of converting real 
names to usernames. For example, an administrator might decide to combine the user's first 
name and last initial to create the person's username. In another scheme, the username might 
const of the first initials of a user's first and last names. Some duplicate usernames may require 
variation from the standards you define. 


Non-Regular Users 


In addition to the root user and the regular user accounts, Linux includes several default 
user account names that might appear strange to Linux newcomers T hese user accounts are 
employed only by Linux programs and are referred to as pecial, or non-regular, accounts. 
By using a special user account, programs can better control file permissions and therefore 
ensure the security of the sytem. Most non-regular user accounts are created during the 
installation of Linux; others may be created by programs that you install. The non-regular 
user accounts created during installation of your Linux system vary depending on the ser- 
vices you have installed. For example, if you have installed the PostgreSQ L database package, 
your system contains a postgres user; otherwise your system will not include this user.T he 
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pecial user accounts you are likely to see on your system are shown in Table 8-1. Although 
these user accounts allow programs to control system access in their respective areas, these 
accounts do not have passwords or default shells defined. T his means that a person cannot 
log in using these accounts. 


Table 8-1 Non-Regular User Accounts Created by Default on M ost Linux Systems 


User account Description 


bin Can be used by any program 
daemon Used by daemons 

adm Used for administrative purposes 

lp Used by the printer control daemon 
sync Used to synchronize disk updates 
shutdown Used during system shutdown 

Used when the system is being halted 


Used by the e-mail server 

Used by programs related to the UUCP protocol 
news Used by the newsgroup server 

operator Can be used for system administration work 

ftp Used for anonymous FTP access 

Used as a restricted access account 

Used by game programs to control system access 


Linux Groups 


Like most other operating systems, Linux allows the administrator to organize user accounts 
into groups.A group isa collection of user accounts that can be granted access to the sytem 
collectively. Assigning users to groups makes it easer to give each user access to areas of the 
system that match his or her specific work requirements. Permissons to use directories and 
fileson Linux are granted to the owner of a file or directory or to the group assigned to afile 
or directory. Each user in Linux is assigned to a primary group. Information regarding a user's 
group assignment is tored with the user's account information. U sers can also be assgned as 
members of additional, secondary groups Information regarding a user’s secondary groups is 
gored in the group configuration file (described in the next section). Groups can be assigned 
permissons, jus like individual user accounts. 


M any Linux systems employ U ser Private G roupsto increase security on the system.A User 
Private Group system creates a group with a Sngle member for each new user account 
that is created. T he new user is the only member of the group. W hen a user creates a file or 
directory, that user’s private group is assgned as the group for that file or directory; thus no 
other users have access to the file or directory by virtue of belonging to the same group as 
the user that created it.T his prevents inadvertent security mishaps from making a user's files 
accesible to others that are part of the group assgned to a file that the user created. 


Administering User Accounts 271 


To understand the nature of groups, suppose you have created a new user account called 
chrislee. Because your sytem employs U ser Private Groups, the primary group for this 
user is the group named chrislee. U sr chrislee is also assigned to the following 
groups: projectleads, salesteam, and hrcommittee. Now suppose you want to 
give all members of the sales team access to a particular directory or group of files. R ather 
than having to assgn permissions to each user account individually, you can simply assign 
the necessary permission to the salesteam group. In the process, user chrislee will 
also be granted permission. (T his example is illustrated in Figure 8-1.) 


group salesteam 


group projectleads 


? 7 


chrislee william 


y 


rachelw 


? 


doncarlo 


group chrislee 


g 
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E 
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Figure 8-1 Example of groups and users 


User and Group Files 


U ser account information is sored in the file /etc/passwa. In earlier releases of Linux, 
password information for each user was also stored in this file, hence the file’s name. 
Because of security problems in the past, this is no longer the case. O ther basic informa- 
tion about each user is contained in the file, however.A sample /etc/passwd file from 
a new Linux installation is shown below, followed by a description of each of the file's 
colon- separated fields. 


nee The exact list of users created on a new Linux system depends on which version of 
Linux you are using and which features you have selected to install or activate. 
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root:x:0:0:root:/root:/bin/bash 
bin:x:1:1:bin:/bin: 

daemon:x:2:2:daemon:/sbin: 

adm:x:3:4:adm:/var/adm: 
lp:x:4:7:lp:/var/spool/lpd: 
synce:x:5:0:sync:/sbin:/bin/sync 
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown 
halt:x:7:0:halt:/sbin:/sbin/halt 
mail:x:8:12:mail:/var/spool/mail: 

news :x:9:13:news:/var/spool/news: 
uucp:x:10:14:uucp:/var/spool/uucp: 
operator:x:11:0:operator:/root: 
games:x:12:100:games:/usr/games: 
gopher:x:13:30:gopher: /usr/lib/gopher-data: 
ftp:x:14:50:FTP User:/home/ftp: 

nobody: x:99:99:Nobody:/: 

gdm:x:42:42::/home/gdm: /bin/bash 

xfs:x:100:233:X Font Server:/etc/X11/fs:/bin/false 
nwells:x:500:500:Nicholas Wells:/home/nwells:/bin/bash 


The following list describes the fields in the list above The last line of the file (the user 


nwells) is used as an example. 
a User account name (nwel1s): the name used by a person to log in to Linux. 
= Password (x): the password for each user was formerly stored in this field in 


encrypted form.An x in this field indicates that the shadow password system isin 
use, in which case the password information is stored in the file /etc/shadow. 


You will learn more about shadow passwords later in this chapter. 


m User!|D number, or UID (the first 500): a number from 0 to 65,535 that uniquely 
identifies this user on this Linux sytem.T he number is arbitrary and normally is 


automatically assigned by the utility used to create anew user account. 


m Group ID number, or GID (the second 500): a number from 0 to 65,535 that 
uniquely identifies the primary group for this user account.T he GID must corre- 


spond to a group defined in the /etc/group file (described below). 


a Theuser'sreal name (Nicholas Wells): a complete name (or a comment for 
non-regular users). Spaces are permitted in this field. If the user account was cre- 
ated for a certain role in the organization, other text can be placed here instead, 


such as“ Database Administrator.” 


=» Home directory (/home/nwells): the postion in the Linux file system that will 


be used as the current working directory when the user first logs in. 


= Default hell (/bin/bash): the program that runs automatically when the user 


logs in. T he default setting for this field is /bin/bash, which runs the bash 


shell. If a user prefers a different shell (such as the Korn shell or C shell), this 
field can be changed to accommodate that.T his field can also be used to start a 


nonshell program to restrict the user's actions in the system. 


Administering User Accounts 273 


Although you can edit the /etc/passwad file directly in a text editor, this is not a good idea. 
Advanced security measures that have been added to your distribution of Linux may make 
any alterations to the passwd file invalid. In addition, there isa small risk that another program 
might be trying to edit user information at the same time and create a conflict. Instead of 
a text editor, use the programs described in the following sections to update the user 
account file. If you need to use a text editor to correct a problem in the file, try the special 
editing program vipw. (T his program is basically a copy of the vi editor that automatically 
loads the passwd file) 


Groups on a Linux system are defined in the /etc/group file. A sample of this file is 
shown here, with the fields in the file (again separated by colons on each line) described in 
the following list. 


root::0:root 
bin::1:root,bin,daemon 
daemon: :2:root,bin,daemon 
sys::3:root,bin,adm 
adm: :4:root,adm,daemon 
tty::5: 

disk: :6:root 
1lp::7:daemon,1p 

mem: :8: 

kmem: : 9: 
wheel::10:root 
mail::12:mail 
news::13:news 

uucp: :14:uucp 

man::15: 

games::20: 

gopher: :30: 

dip::40: 

ftp: :50: 

nobody: :99: 
users::100: 
floppy:x:19: 
console:x:101: 
gdm:x:42: 

utmp:x:102: 
pppusers:x:230: 
popusers:x:231: 
slipusers:x:232: 
slocate:x:21: 
xfs:x:233: 
nwells:x:500: 
rsolomon:x:501: 
authors:x:502:rsolomon,nwells,jsmith 
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= The name of the group: this field cannot contain spaces. Avoid names more than 
eight letters long. 


m Group password: this field is either blank or x (meaning the password is tored in 
another location). Group passwords are rarely used. 


m Group ID (GID) number: this number uniquely identifies this group within the 
Linux sytem. Group numbers are automatically assigned when you create a new 
group, though you can specify a number if you prefer. 


= Members of the group: T his field identifies members of the group. N ote in the 
sample file that many groups do not have member users defined.A program may be 
able to assume the permissions of the group using system calls (programming 
instructions), but no user is part of the group by virtue of logging in. Some of 
the groups (such as sys and adm) have a comma-separated list of users as the 
last field. In addition to the two U ser Private Group items (for nwells and 
rsolomon in this sample file), a tandard group named authors has been 
added to this default installation. 


Some UNIX and Linux systems employ a special group called wheel, which has special 
administrative powers; it is essentially a reduced version of the root account. On some 
systems a user must be a member of the wheel group in order to use the su command 
to change to the root account permissions. Although Linux includes a wheel group 


by default (with root as the only member), no special features or privileges apply to 
the wheel group in Linux. 


Shadow Passwords 


All programs and users may need to access the list of users on the system stored in the 
/etc/passwd file H owever, if the encrypted password text is readable by many users, it 
may be subject to attack, allowing unauthorized use of someone's account. 


To counteract this problem, the passwords for Linux user accounts are no longer stored in 
the /etc/passwad file Instead, they are commonly stored in a file called /etc/shadow. 
Systems that make use of this file are said to be using the Shadow Password system. T his 
file can only be read by the root user (and special programs such as the login routine). 
T his tighter security protects all user passwords from the open access formerly allowed with 
the /etc/passwd file. 


A sample /etc/shadow file is shown below. Fields on each line are separated by colons, 
as in the /etc/passwd file.T he first field is a user account name that must correspond 
to a user account in /etc/passwd. The second field is the encrypted password text. 
Additional fields configure password security information for the user account on that 
line. For the many non-regular user accounts (such aS bin and daemon), an asterisk in the 
second field indicates that the account has no password. N o user can log in to an account 
with no password. 
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root:$1$x1lo51RMK$ok1XHuoBjHH7JmiVdk/fQ.:10815:0:99999:7:-1: 
-1:134538444 

bin: *:10815:0:99999:7::: 

daemon: *:10815:0:99999:7::: 

adm: *:10815:0:99999:7::: 

1p:*:10815:0:99999:7::: 

synco:*:10815:0:99999:7::: 

shutdown: *:10815:0:99999:7::: 

halt:*:10815:0:99999:7::: 

mail:*:10815:0:99999:7::: 

news: *:10815:0:99999:7::: 

uucp:*:10815:0:99999:7::: 

operator: *:10815:0:99999:7::: 

games:*:10815:0:99999:7::: 

gopher: *:10815:0:99999:7::: 

ftp: *:10815:0:99999:7::: 

nobody: *:10815:0:99999:7::: 

gdm: !!:10815:0:99999:7::: 

xfs:!!:10815:0:99999:7::: 

nwells:$1$3gWKUouQ$L7XUsJWpIwtqLUoW1lmVvN1:10816:0:99999:7:-1: 
-1:134538436 

rsolomon: 1J342Wuip3dYAh8$ 1lpvNMAVKS$UsrD6090:10817:0:99999:7:-1: 
-1:134538412 


On some Linux systems, user password security goes even further, with various systems avail- 
able that can hide and encrypt passwords. T hese systems are beyond the scope of this book, 
however. 


Creating New User Accounts 


N ew user accounts can be created using any of several methods The mog rudimentary is to 
edit the /etc/passwd file and then use the mkdir command to create a new home direc- 
tory.T his has several disadvantages, however: 


a Editing the /etc/passwd file can create a conflict with another program trying 
to edit the file as already stated. 


m Hand editing can introduce syntax errors. T he new user account may not work, 
and the errors might make other user accounts invalid as well. 


= Advanced security systems that store user information in nonstandard locations 
may not be affected by direct changes to the /etc/passwd file 


m Using one of the other methods is eager and can be included in system adminis- 
tration scripts. 


U ser administration is one of the main tasks of a sytem administrator, so many graphical tools 
are available. For instance, you may choose to use one of the graphical user configuration tools 
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gnome-linuxconf 


complex (user) routing 
masquerading rules 
mail to fax gateway 
virtual email domain 
user aliases 
virtual domain user aliast 
Jetc/sendmail.cf 
E} Anti-spam filters 
Rejected senders 
‘Relay for’ by IP 
‘Relay for’ by name 
Relay to hosts 
Eb Misc 
|- Information about other host: 
|- Information about other netw 
L Linuxconf network access 
FH Users accounts 
Eh Normal 
[User accounts 
[Group definitions 
L- Change root password 
Eh Special accounts 
-PPP accounts 
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shown in Figure 8-2.You had an opportunity to use the Linuxconf graphical utility in 
Chapter 4, when you created a user account for yourself after installing Linux. T hese utili- 
ties all work with the same core configuration files Some may allow group and password 
management in addition to user account management. 


Users accounts 


You can edit, add, or delete users 
Select [Add] to add a new definition 


Account 


Name Group 
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Figure 8-2 Graphical user account configuration tools 


On some Linux systems, a script named adduser is available. Using a script to 
create new users is less secure than using the useradd command. On the lat- 
est Linux systems (such as Red Hat 6), the adduser command merely points to 


The mos secure method of managing user accounts, however, is the useradd command. 
You will have a chance to practice using the useradd command in the hands-on projects 
at the end of this chapter. 


The useradd command allows you to automate user creation, update user accounts, and 
take advantage of various options when creating users. If additional security is added to your 
Linux system, an updated version of useradd isnormally included as the preferred method 
of adding new user accounts. 
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To add a user with useradd, you must be logged in aS root. Along with the command 
name, include the name of the new user account as a parameter. For example, to add a new 
account called rsolomon, you would use this command: 


useradd rsolomon 


T he default user account settings are used to create the account and a home directory. T hese 
defaults are tored in the /etc/login.defs file and in the /etc/default/useradd file. 


Specific options can be added to the useradd command.T hese options override any default 
settings for the user account that you are creating. For example, if you want to include the 
user's full name in the command field (generally a good idea), you can use the -c option. 
The -g option defines the primary group for the new user.A command incorporating these 
two options would look like this: 


useradd -g sales -c "Raley Solomon" rsolomon 


In this example, the value of the -c parameter is Raley Solomon. Because this value 
includes a space, it must be enclosed in quotation marks so the useradd command does 
not interpret the part after the space (Solomon) as the next command parameter. 


Table 8-2 hows the options for the useradd command. 


Table 8-2 Useradd Command Options 


Description Example 


Defines a user's full name or useradd -c "Jose Carrera" josec 
other comment for this account 


Specifies the home directory useradd -d /usr/home/ josec 
path (useful mostly for special 
user accounts that use a 
nonstandard home directory 
location). 


Specifies the date this user useradd -e 03/15/01 josec 


account will expire (and be 
disabled automatically). Used 
for temporary accounts. 


Specifies the number of days useradd -f 7 josec 
after the password expires until 
the account is disabled. 


Specifies the primary group for | useradd -g ops josec 
the new user (either the group’s 
name or its unique GID number 
can be used). 


278 


Chapter8 Basic Administration Tasks 


Table 8-2 Useradd Command Options (continued) 


Adds a list of additional groups 
that the new user should be 
made a member of (this 
information is stored in the 
/etc/group file, not in 
/etc/passwad). 


Example 


useradd -G teamlead,party,emt josec 


Forces creation of the user's useradd 
home directory, even if the 

default settings do not include 

creating a home directory. 


Does not create a home useradd 
directory, even if the default is 
set to include one. 


Disables the User Private useradd 
Group feature so that a group 

matching the new username 

is not created. 


Sets the user's login shell. The /bin/zsh josec 
default shell in Linux is bash. 

The complete path to another 

shell program can be used with 

this option. 


Sets a specific numeric value useradd 509 josec 
for the user ID of the new user. 

(Normally a UID is selected 

automatically— use this option 

if you need to force the use of 

a specific UID number.) 


To display the default settings for the useradd command, use the -D option. Typical output 
of the -D option is shown here: 


# useradd -D 
GROUP=100 
HOME=/home 
INACTIVE=-1 
EXPIRE= 
SHELL=/bin/bash 
SKEL=/etc/skel 


T he information returned by the -D option is described in the following lig: 


= GROUP: the group ID number for the group that all new users will be placed in 
(as a primary group) if no other is indicated when the user is created. 


= HOME: the path in which home directories for new users will be created. 
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= INACTIVE: the number of days after the password for the new account expires that 
the account will be disabled. U sing a value of -1 for this field disables this option 
(the user account will not be disabled). 


= EXPIRE: the expiration date for a new user account. 


= SHELL: the path and program name for the default shell (command-line inter- 
preter) to be used by a new user account. 


= SKEL: the path to the skeleton directory used to fill anew home directory with 
basic files (this directory is discussed later in this section). 


You can also us the -p option to update the defaults that will be used in the future for all 
new user accounts For example, to change the default shell so that all new users will use the 
C shell instead of the bash Shell, use this command: 


# useradd -D -s /bin/csh 


tm If you prefer, you can edit the /etc/default/useradd file directly in a text editor. 


T he items you are most likely to need to update in the default user creation settings are the 
login preferences— that is, the settings for how long a password can be used, how many days 
after expiration before the account is disabled, and so forth. Because all of these options are 
part of Linux security, they are not described in detail here. They are documented in the 
/etc/login.defs file and in the man page for useradd. 


After adding a new user account, check that the user's home directory has been created. For 
example, after creating a user with the command useradd jsmith, you should check that 
the directory /home/jsmith exists. Depending on how you have set up e-mail accounts 
on your network, each user may also need a file to hold incoming email in the 
/var/spool/mail/ directory. For example, after creating anew account with the com- 
mand useradd jsmith, you may need to also create the mail file for this user with the 
touch command (which creates an empty file or updates the access time of a file). In this 
example, the touch command would be: touch /var/spool/mail/jsmith. 


Changing User Passwords 


Before anyone can log in using a new account, the account must be assigned a pasword. 
After the password is assigned, the account is ready for normal use. A password isnot defined 
by useradd when anew user account is created. 


the new user account. It is not possible to create passwords with the command-line 


Some of the graphical tools shown in Figure 8-2 can be used to create a password for 
utility useradd. 
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The passwd command is used to change (or initially set up) a password on a user account. 
(This command has the same name as the /etc/passwd file.) To use this command as 
root, include the name of the user account whos password you need to configure. You 
must then enter the new password twice to be certain you have not made a typing error. 


Suppo% you have already created a new user named lizw, and you want to set this user's 
initial password or change this user's password. For either task, you must do the following: 


1. M ake sure you're logged in as root. 
2. Enter the command passwd lizw.T he following text then appears on the screen: 


Changing password for lizw 
New UNIX password: 


(N ote that the word UNIX indicates the type of password system Linux is using.) 


3. Type the new password for the Linux user account and press Enter. N othing 
appears on screen as you type, % work carefully. T he following text appears when 
you press Enter: 


Retype new UNIX password: 


4. Type the new password a second time, exactly as you typed it the first time T his 
verifies that the password was entered as you intended to type it, without any typ- 
ing mistakes. W hen you press Enter the second time, the following text appears: 


passwd: all authentication tokens updated successfully 


If you enter a password that is a poor choice (such as password, the username, or a imple 
word from the dictionary), you see a message stating BAD PASSWORD. Although this message 
should cause you to reconsder the password, the password is gill changed. For a temporary 
pasword on new accounts, almost anything will do. Popular choices include the user's 
account name (lizw in this example), the word password, change me, or something similar. 


T he standard procedure is for a system administrator to assign an initial pasword to a new 
account using the steps just given, thus enabling the user account for regular use.T he admin- 
istrator should communicate the password to the new user, who should then immediately 
select a new password that is unknown to the root user or to any other users. 


The user can change his or her password by using the passwd command without any 
parameters. T hus, after 1izw has logged in, she can change her own password as follows: 


1. Type the command passwd.T he following text then appears on the screen: 


Changing password for lizw 
(current) UNIX password: 


(N ote that the word UNIX indicates the type of password system Linux is using.) 


2. Type the current password for the 1izw account and press Enter. N othing 
appears on screen as you type, so work carefully. T he following text appears when 
you press Enter: 


New UNIX password: 
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3. Enter anew UNIX password, typing carefully (nothing appears on screen as you 
type).W hen you press Enter, the following text appears: 


Retype new UNIX password: 


4. Type the new password a second time, exactly as you typed it the first time.T his 
verifies that the password was entered as you intended to type it.W hen you press 
Enter, the following text appears: 


passwd: all authentication tokens updated successfully 


Although the root user can use any word as a password, the default settings do not allow reg- 
ular users to change their passwords to something like password or their user account name. 
A message stating BAD PASSWORD will appear if a poor password choice is entered, and the 
password will not be updated. The root user can change the root password by using the 
passwd command without including a user account name. 


As the sytem administrator, you must explain to users the importance of changing their 
passwords immediately after anew account is created for them. Passwords should be changed 
monthly, even if the Linux sytem does not enforce frequent changes T his lessens the dan- 
ger that someone may discover a user's password and be able to continue using it. Good pas- 
words have these characteristics: 


a They are at least 5 characters long, though a 7- to 10-character password is much 
more secure. 


a They include digits or punctuation marks A common trick is to substitute the 
number 1 for the letter | and the number 0 for the letter o, but this is too well 
known to add much security. 


= They mix upper- and lowercase letters in nonstandard ways. 


m They are easy for the account owner to remember, but hard for anyone else to 
guess— even someone who knows the account owner well. 


a They ae not created from asimple manipulation of a word found in a dictionary 
or the name of a person or place. 


A password that is hard to remember is probably hard for someone else to discover, but it 
doesn't help security much if the password is written on a note taped to the computer mon- 
itor. Creating a password that is pronounceable (with punctuation added in the middle) will 
help you to remember it.T hree good examples of passwords are: 


a miCru%norM ous@ 
a BLAST-!tALL 
a cal=9LL&nOw 


Asyou choos a password for your account, especially the root account on the Linux system, 
remember that you will be dealing with many different passwords T hese include the root pas- 
word, a personal account password, plus passwords for other parts of your life such as bank 
accounts, Web pages, and voice mail codes If these passwords and codes are identical or even 
gmilar, discovery of one of your passwords could jeopardize the security of many different areas. 
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Creating New Groups 


Although modifying the /etc/group file in a text editor does not pose as great a danger 
as editing /etc/passwd, the preferred method for adding a new group is to use the 
groupadd command.T his command is used much like the useradd command, but it 
supports fewer options. 


Graphical tools designed for creating users often allow you to create groups as well. 
lm These tools are useful if you prefer to work in a graphical environment. However, you 
should learn about the groupadd command as a backup and for troubleshooting, 


because the graphical tools rarely allow you to do much besides simply creating and 
deleting groups. 


To add anew group, include the group name as a parameter, as follows: 
groupadd managers 


If you need to use a specific GID number for the new group, you can include it with the 
-g option. For example: 


groupadd -g 919 managers 


M odifying User Accounts 


After setting up user and group accounts as described in the preceding sections, you will find 
occasions when you need to modify or update the account information.To do this, use the 
usermod (for use modify) command or groupmod (for group modify) command.T he usermod 
command uses the same options as the useradd command, but it operates on an existing user 
account. To use the usermod command to update a user's account information, type usermod 
followed by one of the usermod parameters and a value for that parameter. For example, sup- 
pose lizw gets married and wishes to have her full name changed from Liz Wells to Liz 
O sow&i on her employment records and user account. U sing the -c option, as with the 
useradd command to change the Comment field of the user account, the command to 
update the 1izw account to include the new name would be: 


usermod -c "Liz Osowski" lizw 
You can change the user's login name from 1izw to lizo with the -1 option: 
usermod -l lizo -d /home/1lizo lizw 


U sing the -1 option alone leaves the home directory as it was before (/home/lizw). 
By using the -d option shown above, the home directory path for the user account is 
updated as well (to /home/1izo). N ote that the usermod command cannot be used 
to change the directory name. After using the usermod -a command, you must change 
the actual directory name as follows 


mv /home/lizw /home/1lizo 


As another example, suppos you created an account for anew employee, using the default 
settings, and then discovered that the new employee prefers to use a different login shell and 
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needs to be part of several additional groups to accommodate her job respongbilities. The 
command to update the user account would be something like this: 


usermod -G taskforce,marketing -s /bin/tcsh srubenst 


Automating Home Directory Creation 


When you create a new user account, it’s very useful to include basic configuration files in 
the new user's home directory. T his information might include: 


=» Company document templates and calendars 
a Environment settings to access department printers and servers 
= Terminal settings to make Linux work well with desktop PCs 


=» Commands (scripts) to automate basic tasks and set up the user's system each time 
the user logs in 


By using the /etc/skel directory, you can automatically copy files and thus apply settings 
to each new user account as you create the account. When you us useradd (or mot 
graphical user creation utilities), all of the files in the /etc/skel directory are copied into 
a new user's home directory when the account is first created. As the system administrator, 
you should place files in /etc/skel when you first install Linux so that those files are 
automatically placed in each user’s home directory that you create later with the useradd 
command. Because these are likely to be configuration files, many of them are hidden. By 
using the 1s -1a command, you can lis the contents of the /etc/skel directory. H ere is 
one verson: 


$ ls —la /etc/skel 
total 12 


drwxr-xr-x 4 root root 1024 Jun 10 08:12 

drwxr-xr-x 31 root root 3072 Aug 9 14:13 .. 
-rw-r--r-- 1 root root 1422 Mar 29 09:08 .Xdefaults 
-rw-r--r-- 1 root root 24 Jul 13 1994 .bash_logout 
-rw-r--r-- 1 root root 230 Aug 22 1998 .bash_ profile 
-rw-r--r-- 1 root root 124 Aug 23 1995 „bashrc 
drwxr-xr-x 3 root root 1024 Jun 10 08:12 „kde 
-rw-r--r-- 1 root root 966 Apr 16 14:45 .kderc 
drwxr-xr-x 5 root root 1024 Jun 10 08:12 Desktop 


T he files shown here are used for the X Window System (graphical interface), the bash 
default shell, and the KDE Desktop (which was installed on this sytem). If you want to have 
other files included in each user's home directory, simply copy thos files to /etc/skel. 


The files from /etc/skel are copied to a user's home directory when the account is 
lm created. When you add files to /etc/skel, they are not added automatically to the 
home directories of all existing user accounts; only user accounts created after the new 


files are added will include them. For existing accounts, you must copy any additional 
files to the home directories manually. 


284 


Chapter8 Basic Administration Tasks 


Creating Aliases to Ease User Angst 


As you add files to the /etc/skel directory in order to prepare an environment for new 
users, you may also want to edit the existing startup files to add functionality or ease the tran- 
stion to Linux. O ne of the beg ways to do thisis by adding aliases to the .bashre startup 
script.T he commands in this script are executed each time a user starts a sson (logs in or 
opens anew command-line window). By adding aliases to this file you can define pseudo- 
commands that may make it easier for users to work with Linux (you may even want to add 
some to your own environment). 


By using the alias command, you can give any Linux command another name— an alias. 
For example, you can create an alias named copy for the cp command.T hen whenever you 
enter copy on a command line, the cp command is executed. To use the alias command 
to define another name for a command, you include the new command name (the alias) fol- 
lowed by an equal sgn and the real command (which can include command options if you 
wish). T he real command should be enclosed in quotation marks if it includes spaces. For 
example, this alias command makes the copy command (which doesn’t really exist in Linux) 
execute the real command cp: 


alias copy=cp 


You can execute this alias command on any command line By adding it to the .bashre 
xript, the alias command is executed automatically as every command-line session starts. 
After you enter this alias command, the copy command will always be interpreted as cp. 
How is this done? T he shell (bash) actually substitutes the string cp whenever you enter 
the ring copy.As with the rest of Linux, these strings are case sensitive, so entering copy 
won't have the same effect as entering copy.Asarule, adding a few of these aliases can make 
it easier for users to become comfortable with Linux commands. 


Don’t confuse the text substitution aliases described here with other types of links or 
Le} substitutions that may also be called aliases or links. Examples include symbolic links in 


the file system and e-mail aliases used by an e-mail server. 


If you add dliases to the .bashrc file, they are only in effect if the user runs the bash Shell. 
Similar startup files can be created for other shells such as .kshre for the Korn shell and .cshre 
for the C shell. Each of these is a hidden file (and thus the filename begins with a period). 


Aliases serve many purposes. In addition to making DOS commands available, as in the 
example for copy, you might add aliases to do the following: 


= To shorten commonly used commands. For example, if you must regularly use 
the command cd /mnt/samba/datafiles/project/, you could create an 
alias that allows you to Smply type cdp.T his command sets up the alias: 


alias cdp="cd /mnt/samba/datafiles/project/" 


= To fix typing errors For example, if you habitually type s1 instead of 1s, create 
an alias that changes s1 to 1s.T his command sets up the alias: 


alias sl=ls 
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= To make operations safer by including options to confirm file deletions.A com- 
mon feature is to have an alias named rm that refersto rm -i, so that you mug 
confirm each file that is removed. T his command sets up the alias: 


alias rm="rm -i" 


To se a lig of the aliases that are active in your environment at any time, use the alias com- 
mand without any parameters, as follows 


$ alias 


You can also review the .bashrc file in your own home directory or in /etc/skel to e 
the default aliases configured on your system. (O n some Linux systems, aliases are configured 
in the systemwide files /etc/bashre Or /etc/profile.) 


Setting Up Environment Variables 


In addition to aliases, many users will require environment variables that make it possible 
to access various programs and services. Environment variables are named values that 
any program can access. For example, when a database program is executed, it may expect 
an environment variable named pB_pziR to indicate the path where the database files are 
located. If that environment variable is not specified, the database will not be able to 
Operate. In such a situation, each user’s environment must include a definition of the 
DB_DIR environment variable. 


M any Linux programs rely on environment variables to store configuration information. 
R ather than maintain a configuration file, a program's documentation may specify several 
environment variables that the user can set to alter how the program operates. The bash 
hell is a good example of this The bash shell uses many environment variables to deter- 
mine how features of the shell are used. For example, to change the prompt used at each 
command line, a user Smply alters the environment variable Ps1.To alter how often the shell 
checks for new email messages, a user changes the value of the MAILCHECK variable. T he 
manual page for bash lists over 50 environment variables that a user or program can use to 
learn the status of bash or to affect how bash operates. 


To set an environment variable from the command line, use the export command with the 
variable name and value. For example: 


export DB DIR=/opt/database/ 


H owever, to avoid the need to enter this command each time a user logs in, this command 
can be added to the configuration files described previoudy: .bashrc in the home direc- 
tory, or /etc/bashrc if the environment variable is needed by all users 


Disabling User Accounts 


At times you will need to disable a user account—either temporarily or permanently. 
R easons for disabling a user account include: 


a An employee has left the organization (permanent deletion of the account) 
a An employee is on vacation (temporary disabling as a security precaution) 
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a A gues user has not paid for the account or for computer time (temporary, per- 
haps permanent later on) 


= An employee is under disciplinary action and is not alowed to access company 
information (temporary, perhaps permanent later on) 


To temporarily disable a user's account, you can amply change the password so that the user 
can no longer log in.T his can be done with the passwd command as described previous- 
ly. H owever, be sure to use a password that is not easy to guess, rather than a imple password 
like change.me. 


If you are concerned about having an active account with only anew password as security, you 
can edit the /etc/shadow file in a text editor and place an aterik before the encrypted pas- 
word.T his saves the password (because you can imply remove the asterix later to reenable the 
account). But while the asterisk is part of the password, Linux will not allow anyone to log in 
to the user account.T he line in /etc/shadow before the edit might look like this 


nwells:$12$tJhxVO2kUgVU2/004343530:10799:0:99999:7:-1:-1:134538468 
And after the edit it looks like this 
nwells:*$12StJhxVO2kUgVU2/004347530:10799:0:99999:7:-1:-1:134538468 


The other fields of the /etc/shadow file are described in the manual page for this file 


but are not described here because they relate explicitly to system security. 


If you decide to permanently delete a user’s account, use the userdel command with the 
user account name. For example: 


userdel lizo 


T his command removes the user named lizo from the user database (/etc/passwd or a 
gmilar secure file). As a result, the user will no longer be able to log in because the user 
account no longer exists. H owever, keep in mind that the userde1l command does not 
remove the user's home directory or its contents As a result, it is posible for the administra- 
tor to review or save the information contained in the home directory of a disabled user 
account. Be aware, however, that if an employee is leaving the organization, friends may be 
able to access part of the former employee's home directory (because of common group 
membership, for example) and pass files to that person. It’s generally a very good idea to 
archive or otherwise remove or relocate the home directory of a deleted user account as soon 
as possble after deleting the account. 
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MAINTAINING FILE SYSTEMS 


W hen you install Linux, you create the root file sytem in which the operating system is stored. 
The term file system refers to an organized set of data that can be accessed via the standard 
Linux directory structure The command-line instructions (such acd /home/nwells) tha 
refer to the directory paths in Linux provide access to data tored in an underlying file sytem 
located on a hard dis or other physical device. 


The root file sytem within which Linux is installed is normally located on one of the com- 
puter’s main hard disks Even a basic Linux system uses many other different file systems, how- 
ever. Each one provides access to a different set of information. In some operating systems file 
systems are accessed using drive letters or special network access tools, but as you have seen in 
previous chapters, all Linux file systems are accessed as part of a single directory tree starting 
with the root directory.T he root directory is always indicated by a forward dash / 


To access a file system in Linux, it must first be mounted into the root directory structure. 
Even the root file system must be mounted— although this occurs during the initialization 
of Linux at boot time. O ther special file systems (listed in Table 8-3) are also mounted during 
initialization.You can set up additional file sytemsto be mounted during initialization, or you 
can mount them manually after the system has booted. T he Linux directory structure always 
provides access to multiple file systems, each one is accessed via a different directory path.T he 
sample setup in Figure 8-3 hows how different parts of the directory structure can be located 
on different physical devices. 


Root partition 


i 


/dev/hdal 


Directory structure 
(_——___., jain 


/usr 


/etc M ounted partitions 


/home foo /dev/hda2 
Jopt [—_} denan 


Figure 8-3 File systems mounted in the directory structure 
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Some of the special file systems that Linux mounts automatically after a tandard installation 
are shown inTable 8-3.T he term mount point refers to the path in the directory structure 
where the data in a file system can be accessed.T he data stored within some of these file ys- 
tems can be viewed using the cat command. T his command dumps the contents of a file 
to STDOUT (which normally appears on the screen). For example, you can use the fol- 
lowing command to view information within the proc file system: 


cat /proc/meminfo 


Table 8-3 Automatically Mounted File Systems 


File system Mount point Description 


No mount point. This Used to create virtual memory, allowing the Linux 

is a special file system kernel to work as if the amount of system memory 
used only by the Linux | available isthe sum of RAM and the swap file system. 
kernel. 


Provides up-to-date information about the kernel 
and all processes running on Linux. 


Automatically mounts a device when a request is 
made to the device. (This is called the automount- 
ing file system or the automount daemon— amd. It 
is installed automatically with most Linux systems.) 
Serves as the base of a running Linux system. The 
root file system cannot be unmounted unless you 
first shut down Linux. 


You use the mount utility to view all of the file systems currently available to the system. 
U sng the mount command without any parameters displays a list of the currently mounted 
file systems, as follows 


$ mount 

/dev/hda4 on / type ext2 (rw) 

/dev/hda2 on none type swap (rw) 

/proc on /proc type proc (rw) 

brighton: (pid455) on /auto type auto 

intr,rw, port=1023,timeo=8,retrans=110,indirect,map=/etc/amd.local 
dev) 


T he output from the mount command includes fields, from left to right, as described in the 
following list: 


= The device where the file system is located (such as /dev/hda4 on the first line 
of the output above, which refers to a hard dix partition) 


m The path in the directory structure where the file system can be accessed (such as 
/ on the first line of output above) 


= The type of the file system, which indicates the format of data stored on the file 
system (ext2 is the type on the first line above) 
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m The options that apply to the file sytem.T hese are described in detail in Table 8-5. 
The options on the first line of output above are rw, indicating that the file sytem 
is mounted for both reading and writing of data. 


M anaging Linux file systems is critical to running a successful Linux system. Although file 
systems as a rule don’t require much day-to-day maintenance, the more people using a Linux 
system and the more crucial the data tored on that system, the more important it becomes 
to track and maintain the file systems. 


The next sections describe how to manage file systems to provide disk space and stability for 
all Linux users. Additional information on safeguarding file systems is provided in Chapter 9. 
Chapter 14 describes how to back up file system data. 


Checking File System Status 


File systems that are used regularly tend to become disorganized and to fill up with data as 
users create new files If the root file sytem of Linux becomes full, the Linux kernel can- 
not function and the system will crash. If the space where users files are stored becomes full, 
users will not be able to complete their work. 


By using the af utility at a Linux command line, you can digplay the file systems that are 
mounted in Linux and see the space used on each one.T he af utility only displays regular 
file systems, not special file systems like /proc.T he following sample output from a£ shows 
two file systems that are dangerougy full. 


$ df 

File system 1024-blocks Used Available Capacity Mounted on 
/dev/hda4 956173 895614 11160 99% / 
/dev/hda3 1018329 901074 64643 93% 

/opt 

sundance:/a 2017438 1210459 806979 60% /a 


T he fields output by the a£ command, from left to right, are described in the following lig: 


m The device where the file sytem is stored. T his is normally either a hard disk 
device name or a networked location (asin the last line of the sample output). 


= The number of 1 KB blocks on the device. T his indicates the file system's overall 
size. For example, in the sample output, the size of the three devices currently 
mounted are approximately 1 GB, 1 GB, and 2 GB, respectively. 


a The number of 1 KB blocks that are used on the device. 
a The number of 1 KB blocks that are free on the device 


m The percentage of capacity reached so far (percentage full) for the device. T his is 
the critical number. If this value is approaching 100%, action needs to be taken. 


m The location in the directory structure where this device is accessed. 


If a file sytem is becoming full, you probably won't have the luxury of shutting down the 
Linux system while you figure out what to do.The busier your Linux system, the quicker a 
file sytem can fill up as multiple users download files, create new documents, and % forth. 
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To understand how quickly the Capacity percentage can increase, consider this example: If 
the hard disk partition where a file system is located is only 1 GB in size, one percent of the 
file system is 10 M B, not even enough for one large application to be downloaded. If you 
have a 100 GB file system, one percent is 1 GB, which may be enough space to continue 
running for a hort time Of course, if you need 100 GB of storage, you can probably use 
1 GB quite rapidly. The a£ command run on a major ISP might look more like the fol- 
lowing example. After reviewing this, you should be able to see why larger systems require 
more careful maintenance procedures to keep them running smoothly. 


File system 1024-blocks Used Available Capacity Mounted on 
/dev/dsk/c0t3d0s0 229610 110187 119423 48% / 
/dev/dsk/c0t3d0s6é 306954 245175 61779 803 /usr 
/dev/dsk/c0t0d0s0 5783718 3378119 2405599 58% /var 
/dev/dsk/c0t1d0s7 2663048 1983612 679436 75% /spacel 
/dev/dsk/c0t1d0s6é 533992 232744 301248 44% /usr/local 
nfs.isp.com:/home 69837128 42182931 27654197 60% /home 
mail.isp.com:/var/mail 10766840 8172635 2594205 76% /var/mail 


If you see that a file system is nearing capacity, you can immediately free space by perform- 
ing one of the actions in the following list. R emember, however, that you must free pace in 
the directories where the file sytem is mounted. For example, if you have a separate device 
such asa hard dix partition mounted at the /home directory and the partition is almost full, 
you must free space in /home or its subdirectories Freeing space in /tmp won't help. 


m Look for large or numerous files in the /tmp directory that can be deleted. 


m Look for large or numerous files in the /var subdirectories, especially in tmp/ 
and spool/ 


= Move the system log file (/var/log/messages) to another file system that 
isn't as full. 


m See if any of the user subdirectories are using an inordinate amount of disk space. 


= Consider deleting unused archive files that are backed up or even applications that 
you Can reinstall later when space is not critically short. 


W hile you need to be very careful as you delete files, you may have to act quickly in response 
to an overly full file system. In using the techniques just listed, the du utility can be a big 
help. The du utility provides disk usage information on a directory tree When you run du 
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at a Linux command line, you see a summary report of the space used by that directory and 
each of its subdirectories A few sample lines from the output of du are shown here: 


$ du 

22 -/public html 

2228 ./Public/shell_programming 
2229 -/Public 

2 . /Desktop/Autostart 

2 ./Desktop/Trash 

8 . /Desktop/Templates 

13 ./Desktop 

1 ./.kde/share/apps/kfm/tmp 
1 /.kde/share/apps/kfm/bookmarks 
6 /.kde/share/apps/kfm 

1 /.kde/share/apps/kppp/Rules 
1 /.kde/share/apps/kppp/Log 
3 /.kde/share/apps/kppp 

10 ./.kde/share/apps 

15 ./.kde/share/config 

1 ./.kde/share/icons/mini 

2 /.kde/share/icons 

1 /.kde/share/applnk 

1 /.kde/share/mimelnk 

30 /.kde/share 

31 ./.kde 

1 ./archive 

2337 


T he number at the far left indicateshow many 1 KB blocks are used by the subdirectory. Every 
subdirectory is shown separately, with totals for the parent directory. For example, the line how- 
ing 13 KB for the Desktop directory includes the sum of the /Desktop/Autostart direc- 
tory, the /Desktop/Trash directory, and the /Desktop/Templates directory, as well as any 
files located in the Desktop directory itself. So by looking at the lat line (the period indicates 
the current directory), you can see how much space is used by the entire directory tree. M ore 
importantly, if you need to manage how ace is used on a file system, you can see which sub- 
directories are consuming space, even if they are buried deep in the directory structure 


Suppos you wanted to see if any single home directory consumed more than 10 MB of 
space. T he output of the du command is given in KB, so we calculate that 10 M B is equal 
to roughly 10,000 KB of space. T he following commands would change you to the home 
directories (on most Linux sytems— the location is configurable) and list any large directo- 
ries for you: 


$ cd /home 
$ du | grep *....[0-9] 


292 


Chapter8 Basic Administration Tasks 


If any line of the output of du starts with a number with more than four digits, grep will 
print that line, howing you the oversized subdirectory. T he output of the above command 
might look like this: 


72529 ./nwells/images/NASA_mars/ 
10218 ./nwells/database/archive/ 
21749 ./rsolomon/doc/HTML/ 


R unning du on the root directory of a large system can take some time (and Sow down 
everyone else's work). Any directory that contains thousands of files or hundreds of subdi- 
rectories requires some time for the du command to process. 


To avoid drains on the sytem, conader using the du command in the middle of the night 
or at some other time when no one is using the system. M ake it a practice to update a file 
containing the output of du each night. T hen you can quickly search that file for overly large 
directories— directories that may require your attention (in the form of deleting or archiv- 
ing files) if space becomes scarce. 


In addition to using the du command, you can employ various graphical tools and sytem 
administration scripts that will automatically alert you to a file system that is approaching a 
threshold you specify. In Chapter 12, you will learn how to schedule tasks (such as running 
du) for the middle of the night, usng smple programs called shell scripts. 


Creating New File Systems 


Asa Linux system grows, it will usually require additional storage space. As you will learn in 
Chapter 14, you can use archive systems to remove unused information and then store this 
data on compact disc, treaming tape, or other devices N evertheless, the amount of “live” tor- 
age needed often grows to exceed the administrator's original expectations. In fact, part of 
planning a Linux system in an organization is knowing in advance what steps will be taken 
when the sytem must be expanded. If these steps are outlined in advance, a system adminis- 
trator is less likely to make choices that create obstacles to efficient sytem upgrades later on. 


Adding a file sytem generally means adding a hard disk device to your sytem and making 
that hard disk available to Linux by formatting and mounting it.T his process is Smilar to part 
of the Linux installation process. Because the installation utility takes care of some details 
described in this section, however, the steps described here may not be familiar to you. In this 
section you will learn how to make additional file sytems stored on a hard dik, CD-ROM, 
or other device into active parts of your Linux directory structure. 


You can incall new file systems that are permanent (loaded each time you boot Linux) or 
temporary (loaded only occasionally as needed). File systems can be stored on a device with 
removable media (such as a cartridge) or fixed media (such as a hard disk). Some of the 
devices you might install on your computer are listed below. D ata can be stored on any of 
these devices: 


a CD-ROM drives 
a CD writers 
a DVD compact disc drives 
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= Tape drives 

m Hard diks 

m |omega Zip and Jaz drives 

m Other special removable cartridge devices 


T hese devices can be connected to the computer's system board via an IDE interface, a SC SI 
interface, or by other proprietary expangon cards. 


Linux can use the Network File System (NFS) to access file systems on other comput- 
iy ers (that is, to access hard disks located on remote systems). It can also use NFS to 
mount such remote file systems as part of the local root file system. M any techniques 


described in this section apply to managing remote file systems. However, the details 
of using NFS are beyond the scope of this book. 


T he steps involved in installing anew hard disk in your Linux-based computer are beyond 
the scope of this book. You should consult your hardware manual for detailed guidelines. 
Once the hard dix is installed, you can use the Linux fdisk command to examine its par- 
titions, creating new partitions for use by Linux if needed. Before any hard disk can be used 
as a native Linux file system, it must have Linux partitions defined. You learned about using 
the fdisk utility to create Linux partitions as you installed Linux.T he fdisk utility can be 
used in the same way to prepare new devices installed on your system. 


Devices with removable media such as lomega Jaz disks and CD-ROM drives cannot 
have multiple partitions. With such devices, you can proceed directly to formatting the 
device for use by Linux. 


Almost dl file sytem devices use either an IDE or SCSI interface to communicate with your 
computer. Devices connected to these interfaces use standardized device names in Linux. 
Table 8-4 provides some examples designed to help you determine the correct name for a 
device.All IDE and SCSI devices are accessed via the /dev subdirectory. 


Table 8-4 Example Linux Device Names 


Device Description 


/dev/hda The first IDE device 

/dev/hdb The second IDE device 

/dev/hdc The third IDE device (often a CD-ROM drive) 
/dev/hdal The first partition on the first IDE device 
/dev/hdb3 The third partition on the second IDE hard disk 
/dev/sda The first SCSI device 

/dev/sdb The second SCSI device 

/dev/sda4 The fourth partition on the first SCSI hard disk 
/dev/sdcl The first partition on the third SCSI hard disk 
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For example, you can use the fdisk utility to set up partitions on a standard SC SI hard dik 
using this commana: 


/sbin/fdisk /dev/sdb 


Once the fdisk utility has started, the p command in fdisk shows you the existing par- 
tition table; the n command starts the process of defining a new partition if you need to cre- 
ate a Linux partition on the new device As you'll recall from installing Linux, the partition 
number is added to the device name. For example, if you create two partitions on the sec- 
ond SCSI hard disk, they are accessed as devices /dev/sdb1 and /dev/sdb2. 


If your device uses a Special interface (not IDE or SCSI), Linux may already provide support 
for the device. In some cases you will need to contact the manufacturer to ask about Linux 
support. Alternatively, you can query a Linux mailing lit or newsgroup to see if others have 
successfully used the device on a Linux system. 


T he extended file sytem 2 (ext2) is the default or native file system used by Linux. Once 
you have created the Linux partitions, you need to format the partition with the ext2 file 
system.T he command to create anew ext2 file sytem ismke2fs (for make ext2 file system). 
T his command formats the partition, erasing all information on it, and organizes space for 
data to be recorded so that the partition can be used by Linux.T he command is as simple to 
use as adding the device name as a parameter: 


/sbin/mke2fs /dev/sdb2 


To format a hard disk partition, you may also use the mkfs program.T his program requires 
a parameter to indicate the type of file system being created. T he mkfs command smply 
garts the mke2£s command. T his is an example of using the mkfs command to format a 
Linux file system: 


/sbin/mkfs -t ext2 /dev/sdb2 


When you format an ext2 file sytem, you see many lines of output on the screen as the 
program lists all of the structure information that is being written to the device. In any case, 
formatting even a large hard drive is quite fast. On a Pentium system, using mke2fs ona 
4 GB partition normally takes less than one minute to complete. 


mand is rarely used, however, because all floppy disks are preformatted; the man page 


You can use a special command called £dformat to format floppy disks. This com- 
provides detailed information. 


M ounting File Systems 


After a new file system has been created (that is, formatted), it can be mounted as part of the 
Linux directory structure and accessed jug like the existing Linux partitions. To add a new 
file sytem, you must create a directory as a mount point, which is a place in the directory 
gructure where the file system can be accessed. O nce you have created a directory to use as 
a mount point, use the mount command to activate the file sytem. 
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To create a directory, use the mkdir command and define the directory that you have cho- 
sen as an access point for the new file system. For example, if the new hard dix is intended 
as a document archive for your office, you could create a directory called /archive. If the 
new file sytem will be used for a database sytem and all applications are currently stored in 
the /opt directory, you might define the /opt/db directory as a mount point. T he com- 
mand would be: 


mkdir /opt/db 


After you create the directory, it is enpty— it’s just another directory on your root file ys- 
tem. The next step is to use the mount command to instruct Linux to access the new file 
system whenever you go to the /opt/db directory.T he mount command can be complex. 
This is how the command would look using the example values used so far: 


mount -t ext2 /dev/sdb2 /opt/db 


T his command says mount a file system of type ext2 (Linux native) located on the device 
/dev/sdb2, and make it accessible on the directory /opt/db. 


N ow when you go to the /opt/db directory, you'll find that it is no longer empty. Instead, 
it contains a directory with a range- looking name: lost+found.T he lost+found direc- 
tory is placed in the beginning of all new ext2 file yems T his directory is initially empty, 
but when you use dix- checking utilities (described in C hapter 9), files may be created in the 
lost+found directory.You will very rarely see anything in this directory, but don't delete it. 
The presence of the lost+found directory indicates that the new file sytem has been 
mounted successfully. 


You can also use the mount command without any parameters to display a list of all 
mounted file systems, as shown earlier in this chapter. If you used the mount command 
alone in the previous example, the list of mounted file systems would include the 
/dev/sdb2 device mounted on /opt/db. 


T he standard devices that are included when you install Linux generally have a mount point 
directory already created for them. For example, the floppy disk drive and CD-ROM drive 
are normally mounted to /mnt/floppy and /mnt/cdrom, respectively. T hese directories 
are created when Linux is installed. You can mount a CD-ROM by using this command, 
including the mount point as a parameter: 


mount /mnt/cdrom 
You can mount a floppy disk with this command: 
mount /mnt/floppy 


W hy don't these commands include the information in the mount command given previ- 
oudy, such asa file sytem type and device name?You'll learn the answer shortly, in the sec- 
tion “Automating File System M ounting.” 
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Once you have mounted a floppy dik or CD-ROM, you should not eject the dik or CD- 
ROM until you have unmounted the file system. If you do, Linux may not be able to access 
that device for a time. 


Unmounting File Systems 


To unmount a file sytem, use the umount command with the device name or mount point. 
For example, to unmount a floppy disk, you might use this command (depending on the 
mount point defined on your Linux system): 


umount /mnt/floppy 
To unmount aCD-ROM, the command might be: 
umount /mnt/cdrom 


Similarly, to unmount a hard dis partition such as the one described in the previous sec- 
tion, the command would be: 


umount /opt/db 


The command name is umount, not unmount. If you see errors when you attempt to 


unmount a file system, look for an extra n in the command. 


Keep in mind that a file sytem cannot be in use when you unmount it. If any users on the 
Linux system are working with a file on the file system, or if any user’s current working 
directory is located on that file sytem, the umount command will fail, and it will indicate 
that the file system is busy.T he Linux kernel stores information about each mounted file sys- 
tem that includes the number of files currently being accessed. All users must stop using files 
on the file sytem and change their current working directory to alocation outsde the file sys- 
tem before you can unmount that file system. 


Automating File System M ounting 


Asasystem administrator, you'll want to automate everything that you can. Ideally, your ys- 
tems should be as self- sustaining as possible, leaving you free for tasks that require new analy- 
gs and problem-solving skills As you saw earlier, several types of file systems are mounted 
automatically when you gart Linux. The new file systems that you create from additional 
hard disks or other devices can also be automatically mounted at boot time T hus, you never 
need to enter the mount command after rebooting. 


The key to automounting file systems is the /etc/fstab configuration file.T his file con- 
tains a line for each file sytem that you want to have automounted when Linux boots It 
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also contains a line for file systems that you want to mount later on without providing all of 
the file sytem information in the mount command.A typical default fstab configuration 
file is shown here: 


/dev/hda3 / ext2 defaults 1 1 
/dev/hda4 /archive ext2 defaults,noauto 1 0 
/dev/hda2 swap swap defaults 0 0 
/dev/£d0 /mnt/floppy ext2 noauto 0 0 
/dev/cdrom /mnt/cdrom iso9660 noauto,ro 0 0 
none /proc proc defaults 0 0 


T he fields of this configuration file, from left to right, are described in the following lig: 


m The device where the file sytem is located. M og of the devices in this example 
file are IDE hard disks the floppy drive and CD-ROM drive have other device 
names, the proc file sytem has none. 


= The mount point in the directory structure where the device will be accessed 
after being mounted. Each file system has a mount point directory except the 
swap file sytem, which is only used by the Linux kernel. 


m The file sytem type. M os of the examples shown are ext2, the Linux native file 
sytem. iso9660 isthe CD-ROM gandard; proc and swap are pecial file sys 
tem types. 


m Options that apply when this file system is mounted.You will learn more about 
these options later in this section. 


m Whether the file system can respond to the dump command (this command is 
called dumpe2fs in Linux).A 1 in this field indicates that the dumpe2£s com- 
mand can be used to print information on the structure of the file sytem. O nly 
standard ext2 hard dis partitions hould have this field set to 1. 


= The order used to check file sytems when Linux is booted. Each time Linux 
carts, it checks the file systems in fstab before mounting them.T he root file 
system (/dev/hda3 above) should be numbered 1; other ext2 file systems 
should be numbered 2. If 0 is used, the file system is not checked. All file systems 
that are not automounted can have o in this field. 
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The most powerful part of this configuration file is the options field. The options used to 
mount file systems are an effective way to increase security and ease sytem administration 
work. Key settings for the options field are described in Table 8-5. 


Table 8-5 Important Option Field Settings 
M ount option Description 


Specifies that all reads and writes to the file system should be asynchro- 
nous—in other words, that information will be buffered (stored in memory) 
to improve access speed. 


auto Specifies that the file system should be automatically mounted at boot time 
or when the mount command is used with the -a option. 


dev Designates the file system as a special device in the /dev directory. 
exec Permits programs stored on the file system to be executed. 


noauto Indicates that this file system should not be automatically mounted. 
Instead, the file system must be mounted by an explicit mount command. 


noexec Indicates that programs stored on the file system cannot be executed. 


nouser Specifies that no regular users can mount the file system; instead, only 
root can mount it. 
M ounts the file system as read-only, which means no data can be written 
to it. 
M ounts the file system as read/write—the standard mode in which data 
can be written to the file system. 
Allows special user ID permissions to be used on this file system. 
Allows a regular user to mount the file system. This is useful if you are run- 
ning a desktop Linux system and don’t want to switch to the root user 
account to mount a floppy or CD-ROM. 
Functions the same as the user option except that any user can unmount 
the device. 


defaults Includes the options rw, suid, dev, exec, auto, nouser, and async. 


When removable media such asa CD-ROM is mounted, the Eject function of the drive 

is disabled (until the device is unmounted). Keep in mind that this is not true of floppy 
disk drives, which means it is possible for a user to eject a floppy disk while it is still 
mounted. This can cause problems, resulting in lost data. For example, files will still be 
marked as open even though they cannot be accessed. Although the user option in 
Table 8-5 is appropriate for some situations, it may create the problem noted here if 
users are not aware of the need to unmount devices before ejecting media. 


Additional (less commonly used) options are described in the manual page for the mount 
command. Two important additional points about the options in the fstab file mug be 
mentioned. First, the last options listed on each line of the fstab file override any earlier 
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options used on the same line For example if the options lit includes defaults, user, 
the user option overrides the nouser option that is part of defaults. Second, the 
options can be added to the mount command by using the -o parameter. For example: 


mount -t ext2 -o defaults /dev/sdb2 /opt/db 


Let's walk through two examples of how you might add a line to the fstab file to auto- 
mate file system mounting. Asa first example, suppose you had set up a large SC SI hard dix 
to hold a database application. You want the database file sytem to be mounted automati- 
cally when you start Linux. U sers should not be able to run programs or modify the file ys- 
tem configuration. For this stuation, the fstab line might look like: 


/dev/sdb2 /opt/db ext2 defaults,noexec,nosuid 1 2 


Asa second example, suppose you are using Linux as your desktop workstation and have 
installed anew DVD drive.T he device shouldn't be mounted at boot time because you don't 
normally keep a DVD dis in the drive, but you want to be able to mount the device with- 
out changing to the root user account.You also want to protect any writeable DVD diks 
from having any data damaged.You might use this line in the fstab file: 


/dev/hdd /mnt/dvd is0o9660 ro,noauto,user 00 


Once you have the fstab file set up, you can use the mount command with only the device 
name or mount point.T he mount command looksin the fstab file for all of the additional 
information needed to mount the file system. For example, the CD-ROM device is nor- 
mally configured in fstab after a Linux installation. The CD-ROM can thus be mounted 
with this command: 


mount /mnt/cdrom 


N o additional information is needed on the command line because mount retrieves every- 
thing else from the fstab file. If you use the mount command without sufficient information 
(and the information is not contained in the fstab file), an error message is displayed and the 
file sytem is not mounted. 


T he mount command does only minimal checking when a file system is first mounted.T his 
means that Linux may allow you to proceed with a mount operation that appears to pro- 
vide access to a file system, when in fact the file system is not supported.As you begin using 
the file sytem, Linux may discover the problem, and dilay an error message such as not 
a valid block device. 
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Nevertheless, Linux supports many different file systems. If you have partitions on your 
computer's hard dis that use any of the file system types listed in Table 8-6, you can access 
them directly from Linux by mounting them. Support for each of these file system types 
may be built into your Linux kernel, or you may need to load a kernel module to enable 
support for a specific file system type. T he module you load provides back-end support in 
the kernel for a specific file system type. 


Table 8-6 


File system 


File System Types Supported by Linux 


Description 


The native Linux file system type. 


File system used by the M inix operating system. 


File system used by DOS and older M icrosoft Windows systems. Note that 
this file system is also called the FAT file system, but the msdos name must be 
used with the mount command and with the fstab file. 


The High Performance File System used by OS/2. 
File system used on CD-ROMs. 


The Network File System, used to allow networked computers to access 
remote hard disks as part of a local directory structure. 


File system used to mount SM B network devices such as networked Windows 
computers. This file system type is part of the Samba suite. (For more infor- 
mation, see www.samba.org.) 


vfat 


File system used by Windows 98; also known as the FAT32 file system. 
Provides long filename support when reading Windows partitions from Linux. 


ntfs 


File system used by Windows NT. This file system requires kernel configuration 
that is normally not enabled by default. 


sysv 


A standard UNIX System V file system. 


qnx4 


File system used by the QNX operating system. 


coherent 


File system used by the Coherent UNIX operating system. 


A UNIX file system type. 


File system used by the Xenix operating system, a variant of UNIX. 


The msdos file system type provides access to DOS or Windows file systems. Because 

these file system types do not provide the same features as more robust file systems 
such aS ext2, the back-end to the msdos file system within the kernel maps features 
between msdos file systems and Linux. For example, the end-of-line characters are dif- 
ferent in DOS files and Linux files. Linux also has additional file attributes compared to 
DOS. The msdos file system back-end maps between these differences to make msdos 
files usable in Linux. 
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M anaging Swap Space 


Asmentioned in Table 8-3, the swap file system (often called the swap space) is a special file 
system type used by the Linux kernel for virtual memory. Virtual memory is a kind of 
memory that is used like tandard R AM ; however, information in virtual memory is stored 
on a hard dix instead.T he swap file system is set up during Linux installation and activated 
(via the fstab file) each time Linux boots. 


T he swap space is normally a separate hard disk partition.T his allows the most efficient access 
by the Linux kernel. For systems without an available partition for the swap space, a file on 
the regular ext2 file system can be designated as the swap space instead. H owever, this tech- 
nique degrades performance and should only be implemented on a system set up for test- 
ing Linux. 


In some Linux systems, the maximum size of a swap partition is 128 M B.W ith today’s large 
Linux systems, this may be insufficient. O n some new Linux systems (running Linux 2.2 ker- 
nels or later versions), a swap partition can be 2 GB or larger, depending on the platform on 
which Linux is running. 


You use the mkswap command to create a swap partition. This is amilar to using the 
mke2f£s command to create an ext2- formatted partition. If you have set up a wap partition 
using fdisk or another partitioning tool, the command would be something like this 
(depending on the partition you need to format as swap space): 


mkswap /dev/hda2 


Once you have formatted a partition as swap space, you need to add aline to the fstab file 
that tells Linux to use the swap automatically. T he example file shown previously includes 
this line: 


/dev/hda2 swap swap defaults 00 


Swap space is activated by system initialization scripts during the system start-up phase T he 
swapon command is used in these scripts to activate svap space. 


W ith large or busy systems, the swap partition should be located on a separate hard dik from 
the root partition or other key data partitions If the system is large enough, a separate hard dix 
might even be used just for svap space. By placing the swap space on a separate hard dix, you 
ensure that information can be read from and written to the root or other data partitions with- 
out interfering with the kernel’s efforts to move data to and from the swap area T he two (or 
more) hard disks can act in parallel instead of completing one operation after another. For the 
same reason, some Linux system administrators set up multiple swap partitions to take advan- 
tage of parallel hard disk accesses. M ultiple swap partitions were sometimes needed in older 
versions of Linux to overcome the 128 MB limit, but they may still be used to achieve speed 
increases by having the kernel access multiple hard disks in parallel. Linux supports up to eight 
distinct swap areas, Each one can be created using the mkswap Command and included in the 
fstab file to be activated at boot time 
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The status of swap space (or virtual memory) can be viewed using the free command. 
Following isa typical example of output from this command: 


total used free shared buffers cached 
Mem: 30820 28768 2052 16852 11860 7104 
-/+ 9804 21016 
buffers/ 
cache: 
Swap: 130748 1248 129500 


N ote the total and free columns Mem refers to RAM memory; Swap refers to swap 
pace. O n the small system shown here, a total of about 32 MB of RAM and 130 MB of 
svap space are available on the system. Very little of the swap space is used, and most of the 
RAM is free also (21 M B). As the sytem becomes busy, the free memory will drop to zero, 
and the swap space will be used. 


Because swap space is located on a hard dix, it issignificantly dower to access than the RAM 
on your system board. Because of this, you may at first want to avoid using it by installing 
enough RAM so that the Linux kernel never needs to save information in the swap space. 
In truth, both RAM and swap space are useful.A typical sytem should have at least as much 
wap space as R AM . T he reason for this is that the Linux kernel will attempt to cache (store) 
in RAM asmany files and programs as possible in order to increase the system speed. But if 
many users on asystem are working with many programs it’s likely that not all programs will 
be active at the same time. R ather than have these programs use R AM , they can be placed 
in the swap space while they are inactive. O n a well-tuned system, the kernel can quickly 
bring these programs back into memory when a user needs them— % quickly that mog 
users won't notice any delay. 


Another reason to make wise use of swap space is cost. Swap space (that is, hard disk space) 
isso much cheaper than R AM that in many stuations adding more swap space is more cot 
effective than adding RAM. 


H owever, while svap space is an important part of your system, its advantages diminish on 
systems with insufficient RAM. On systems with too little RAM, the swap space will be 
overused. T his means that a Sngle program might be moved to the swap space and back into 
system memory several times per second, as it competes with other programs for processor 
time.T he time required to move information to and from the swap space greatly reduces the 
efficiency of the sytem.T his problem is called thrashing. To solve this problem you need 
to reduce the system load or add more system RAM. 


To see detailed information about how the swap space is used, try the vmstat command 
(for virtual memory statistics). T he output of this command is cryptic and requires careful study 
of the relevant manual page. (See also Chapter 10.) The output of vmstat provides infor- 
mation on which processes are using swap space, how much space they are using, what is 
waiting to happen when R AM is available, and so forth. 


If the Linux kernel runs out of swap space (in which case it runs out of memory), the ker- 
nel may crash.T his very rarely happens, but the possbility is reason enough for monitoring 
swap space us. 
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SiMPLE TASK M ANAGEMENT 


In Chapter 7 you learned that the ps command can be used to list the processes running on 
Linux. In the sections that follow, you will learn more about how to control those processes. 
Additional detail on managing the CPU load via other utilities is provided in C hapter 10. 


Job Control in the Shell 


Often you will want to start multiple programs from the command line at the same time 
T hese might include an editor, a script you have written, an e mail reader, and perhaps other 
programs as well. Although Linux can easily run many applications (processes) at the same 
time, you must learn to control all of these processes from a angle command line. M ost of 
the tools for doing this are part of the shell, or command interpreter. Because the default 
Shell for Linux is bash, commands described in this section apply to the bash shell. O ther 
shells such aS ksh, csh, tesh, and zsh support similar features. 


You may choose to work in command-line windows within a graphical display, in which case 
you can open multiple windows to start multiple programs.You may also use the virtual con- 
soles described in the next section. O n occasion, however, you will need to manage mul- 
tiple programs from a single command line.T his discussion also helps you understand how 
processes are managed and how the shell operates. 


Processes 


When you gart a program, that program takes control of the command line where you are 
working. For example, if you enter the command 


man ps 


the man page appears, and you no longer see a prompt where you can enter additional com- 
mands. Some commands don’t dilay screen output like the man page viewer, but they still 
leave you without an active prompt to enter additional commands. 


If you type an ampersand after the name of a command, the shell places the process in the 
background— in other words, the process continues to run, but it doesn't control the com- 
mand line You can then start another command immediately. M ultiple processes started from 
a single shell are called jobs. 


Jobs 


A job is Smply a process that is associated with a single shell or command-line environ- 
ment.You can use the command jobs to lig all jobs or processes that are running from 
the current shell. 


U the Ctrl+Z key combination to suspend ajob.T his key combination is useful if you have 
garted a command that is controlling the command line and you want to interrupt it so that 
you can use the bg command to place it in the background. A suspended job is not ended, 
but it stops running normally. It waits for further instructions before beginning normal 
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execution again.You can use the jobs command to see which processes are currently sus- 
pended, as in the following output: 

$ jobs 

[1]+ Stopped (signal) top 


T he output of the jobs command shown above includes a job number at the left of the line 
(1 in the output above).T he proces ID number isnot shown by the jobs command.W hen 
a job is suspended, you can either place it in the background (restart it without displaying 
output to the current console) or place it in the foreground (allow it to take control of the 
screen again). Figure 8-4 shows how a single command-line window can gart and manage 


multiple processes (or jobs). 
Ajob #3 PID 1457 
Ajob #2 PID 665 
Ajob #1 PID 1432 


Ajob #3 PID 993 
Ajob #2 PID 1440 
“job #1 PID 992 


Shell #2 


Ajob #3 PID 671 
Ajob #2 PID 670 
Ajob #1 PID 664 


Shell #1 Shell #3 
Figure 8-4 Multiple jobs running from one shell 


T he commands used to place a job in the background or foreground after it has been started 
are bg and fg.To us the bg or £g command, you mug know the job number assigned by 
the current shell.You can find this number by using the jobs command. 


T he following steps how how the bg and fg commands work: 


1. At any Linux command line, enter the command man 1s.T he manual page for 
the 1s command appears. 


2. Press Ctrl+Z and then Enter. You see the following message (the number at left 
may be different on your system): 


[4]+ Stopped man ls 
3. Enter the command man ps.T he manual page for the ps command appears. 


4. Press Ctrl+Z and then Enter. You see the following message (the number at left 
may be different on your system): 


[5]+ Stopped man ps 
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5. Enter the command jobs.You see output like the following: 


[4]+ Stopped man ls 
[5]+ Stopped man ps 


6. Enter the command fg %4. (Use the number at the left of the first output line 
from the jobs command— on your system it may not be 4.) T he 1s manual page 
appears again. 


7. Press q to end the man 1s command. 


8. Enter the jobs command again.You see that the man 1s command is no 
longer listed. 


Some commands (including the man command) are only used to display information. 
iw Placing a command-line man in the background with the bg command automatically 


suspends the command. It only runs in the foreground. 


You can also use the process ID number in the £g or bg command. Just use the num- 
ber without the percentage sign. For example, suppose a process you have started is job 
number 3 in the current shell and has a PID of 725.You can bring the process to the 
foreground with either of these commands: 


fg %3 
fg 725 


Using Virtual Consoles 


As you learned in Chapter 4, you can open multiple command-line windows within a 
graphical environment. W hen you are not working in a graphical environment, you can 
use virtual consoles in Linux to start multiple command-line sessions at the same time. A 
virtual console is a separate login screen that you access by pressing a combination of 
keys on your keyboard. A virtual console allows you to start several separate login sessions 
in Linux from the same computer. 


Networked Linux systems allow many users to log in using a network connection. Virtual 


consoles provide the same type of login functionality without a network connection. 


W hen the graphical mode is not active, you access anew virtual console by pressngAIt+F2. 
T his displays a new login prompt, where you can log in using any valid username and pas- 
word. Any commands that you start from this virtual console run independently of those on 
other virtual consoles. Each console starts a separate copy of the bash shell, so the jobs 
command will only list jobs started in one virtual console, even if you have logged in using 
the same username. 
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To switch back to your first virtual console, pressAIt+F1.M ost Linux systems have sx vir- 
tual consoles T hey can be accessed by pressing AIt+F1 for the first virtual console Alt+F2 
for the second, and so on, to Alt+F6 for the gxth virtual console A graphical system nor- 
mally appears on a seventh virtual console, which you can display by pressing AIt+F7. 


When the graphical environment is running, you can switch to the nongraphical virtual 
consoles by pressing Ctrl+Alt+F1 for the first virtual console, and so on, to Ctri+Alt+F6 for 
the axth virtual console. 


Leaming About Processes 


The ps command that was introduced in Chapter 7 includes many additional options to 
help you learn about what is happening on your Linux system from moment to moment.A 
gmple ps command shows you only the commands that you have started in the current 
command-line environment (also called the current terminal): 


$ ps 

PID TTY TIME CMD 
576 ttyl 00:00:00 login 
584 ttyl 00:00:00 bash 
946 ttyl 00:00:00 top 
951 ttyl 00:00:00 ps 


Although this is useful, it doesn’t provide much more information than the jobs command. 
Asa system administrator, you need access to the details provided by the ps command 
options. For instance, the a and x options show you the processes started by all users, as well 
as those that were started by the system at boot time (or other processes that have no con- 
trolling tty where they were started). 


This isa much longer lig than that provided by the ps command without any options and it 
includes all of the system-level daemons that are running in the background as you work on 
Linux. For example, the login command running on other virtual consoles, the Web server 
(called httpd), the sytem logging daemon, and possibly an email server will all appear in the 
lit. By adding the u option to the ps command, you can also see information about how each 
process is using your Linux system. T his command is shown here with its output sent to the 
less command. By usng the less command, you can use the Page U p and Page Down keys 
to view the many lines of output.T he first few lines of output are shown after the command: 


$ ps aux | less 


USER PID SCPU SMEM SIZE RSS TTY STAT START TIME COMMAND 
bin 381 0.0 0.9 840 300 ? S 13:32 0:00 rpc.portmap 
daemon 451 0.0 1.9 1156 596 ? S 13:32 0:00 lpd 

daemon 471 0.0 1.0 828 324 ? S 13:32 0:00 atd 

nobody 845 0.0 2.5 1384 784 ? S 13:32 0:00 httpd -f 
nobody 846 0.0 2.5 1384 784 ? S 13:32 0:00 httpd -f 
root 1 0.0 1.0 828 332 ? S 13:31 0:04 init 

root 2 0.0 0.0 0 0 ? SW 13:31 0:00 (kflushd) 
root 3 0.0 0.0 0 0 ? SW 13:31 0:00 (kpiod) 
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In the first lines of the output shown above, you see column headings indicating which 
user started the process, the percentage of CPU time and memory used by the process, the 
terminal that the process is running on, status, and other information. T he mog important 
part of this information is the process ID number, or PID. With this number, you can con- 
trol the process using other Linux commands. 


You can use the £ option to display the relationship between different processes, showing 
which process started which other processes. The following command uses the £ option 
along with the a and x options, in order to display all the processes on the system (the out- 
put has been shortened to save space here, however): 


$ ps axf 
PID TTY STAT TIME COMMAND 
12 S 0:04 init 
2? SW 0:00 [kflushd] 
3? SW 0:00 [kpiod] 
535 S 0:00 sendmail: accepting connections: p 
550 ? S 0:00 gpm -t ps/2 
564 ? S 0:00 httpd 
568 ? S 0:00 \_ httpd 
571 ? S 0:00 \_ httpd 
577 ? S 0:00 \_ httpd 
594 ? S 0:00 xfs 
638 tty2 S 0:00 login -- root 
664 tty2 S 0:00 \_ -bash 
676 tty2 T 0:00 \_ man ls 
677 tty2 T 0:00 | \_ sh -c /bin/gunzip 
678 tty2 T 0:00 | \_ /bin/gunzip 
679 tty2 T 0:00 | \_ /usr/bin/less -is 
680 tty2 T 0:00 \_ top 
686 tty2 R 0:00 \_ ps axf 
639 tty3 sS 0:00 /sbin/mingetty tty3 
642 tty6 S 0:00 /sbin/mingetty tty6 
644 ? S 0:00 update (bdflush) 


As you can se, the processes are presented in a tree diagram. T his output shows which 
processes were started by other processes. For example, process ID (PID) 638 (see the left 
column of the output above) is the Login command, where a user has logged in as root. 
T he login process started a bash shell (the next line in the output, process 664).T he root 
user started several commandswithin the shell, including man 1s (PID 676), top (PID 680), 
and the ps command (PID 686). The man command started other commands to uncom- 
press the manual page file. M any processes were started by the Linux kernel when the sys 
tem was booted. T hese processes appear without any tree structure. 


Before you can successfully control process operation and manage your Linux CPU and 
memory resources, you need to understand how processes are related to one another. Each 
process has a parent process— that is, the process that started it.A parent process can have 
many child processes.T he first process started on a Linux system is called init.T his process 
is the parent to all processes and has a PID number of 1. 
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Controlling Processes 


You can use the jobs, fg, and bg commands to control processes (jobs) that were started 
within a single shell. By using the kil1 command, you can control all processes on the ys- 
tem. T he name of this command is a little unfortunate Although it is often used to kill, or 
end, processes, it actually is used to send signals to processes. Some of those signals end the 
process; others serve different purposes, such as suspending a process or causing a program to 
reread its configuration file. 


lm You must be logged in as the root user to control processes that you didn’t start. 


Signals are messages that are sent to a process.T he full lit of sgnals contains about 30 mes- 
sages, but most of these are not used regularly. Each signal has a name and a number asoci- 
ated with it.To see a cryptic list of all the signals, use the ki11 command with the -1 option 
(for list), as follows: 


kill -1 


W hen writing a program, the developer decides which sgnals the program will respond to. 
Some programs only respond to one or two signals O thers may respond to more signals, 
depending on the purpose of the program. For example, a program designed to control your 
computer in the event of a power failure will respond to the signal from a power supply indi- 
cating that the main power is out. O ther programs wouldn't respond to this sgnal. 


Almost all programs respond to the SIGTERM sgnal (Sgnal number 15). This sgnal 
requests that the program end. Another special sgnal is SIGKILL (dgnal number 9). The 
SIGKILL sgnal is not handled by the program itself. Instead, if you send a SIGKILL using 
the kill command, the Linux kernel shuts down the process automatically. Any unsaved 
data in a program will be lot when the SIGKILL signal is used to end the process.Asarule, 
you should use the SIGTERM sgnal (rather than the SIGKILL signal) to shut down 
processes, because SIGTERM requests that a program close itself, giving the program a 
chance to clean up its work, close any open files, and so forth, before ending.W hen you use 
a SIGKILL, the process is cut off before it can do any of those things. H owever, SIGKILL is 
very useful when a process is not responding to the SIGTERM sgnal. 


To see how the kill command is used, Suppose a user on your Linux system had started a 
program called myeditor.T he program appears to have topped working but is gill running 
in the background.Y ou would use the following ps command to se that state of the process: 


ps ax | grep myeditor 
T he single-line output of this command includes only the process for the myeditor pro- 
gram with the PID number for the process. U sing this information, you can send a sgnal to 


the process (because the user in question started the process, he could also use the kill 
command to send the signal): 


kill -15 1482 
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By sending the SIGTER M sgnal in this way, you send a request to the myeditor program 
to close.T he command could also be written using the name of the sgnal: 


kill -SIGTERM 1482 


If the program does not respond to the request to terminate (you sill see it in the list of 
processes from the ps command), you can send aSIGKILL signal that will cause the Linux 
kernel to end the process immediately: 


kill -9 1482 
A Before you can send a process a signal, you must obtain the correct process 
ID for the process by using the ps command. 
Caution 


A special form of the ki11 command is the command named killa11.T his command is 
used to send a signal to all processes that were started by commands of the same name. T his is 
useful when a program is starting copies of itself faster than you can locate the PIDs and use 8 
kill to end them. If the myeditor program were doing this, you could use this command: 


killall -9 myeditor 


Always be careful using killall.If you are running multiple programs of the same name 
and only one needs to be sent a sgnal, do not use killall because it will end all of the 
processes. Instead, determine the PID of the specific copy of the program that needs to be 
ended.T hen use the kil1 command rather than killall. 


T his section has provided only an introduction to the concepts and commands used to con- 
trol processes in Linux. In Chapter 10 you will learn how to manage the load on your Linux 
system by allocating time and disk space to processes and tracking how busy your Linux ys- 
tem is to see if additional hardware resources may be required to handle the load. 


CHAPTER SUMMARY 


o A Linux system administrator must perform some basic tasks regularly to keep the ys- 
tem running smoothly. T hese tasks include user management, file system management, 
and process management. 


a User management involves defining user environments, creating user accounts, and 
managing modifications to those accounts as required by the system or requested by the 
user. Maintaining user accounts is an important part of system security. 


o File sytem management provides stability and performance for your Linux sytem. Each 
file sytem must be tracked to see how it is being used and when new hardware resources 
need to be added to handle the system's load. Working with file sytems must be done 
carefully to avoid damaging data. 


o To manage processes, you use Commands to examine all the processes on the Linux sys 
tem and send various sgnals to control how those processes behave. T he root user can 
control all processes, suspending or stopping any process. 
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KEY TERMS 

alias — Command used to create a text substitution in a command-line shell, effectively 
giving any Linux command a new name. 

bash — Short for Bourne again shell. It is the default command-line interpreter 
for Linux. 

bashre — Configuration file containing commands that are executed each time a user 
garts anew command-line environment. 

bg — Command used to place a job (process) in the background (either by suspending it 
or by preventing its output from appearing in the current hell's terminal window), thus 
allowing the shell prompt to become active again. 


C shell — A shell desgned for ease of use more than for programming features. 
cat — Command used to dump the contents of a file to STDOUT. 


command interpreter — (M ore commonly called a hell in Linux.) A command-line 
environment in which a user can enter commands to be launched. 


default shell — T he default command-line interpreter used in most Linux systems (bash). 


df — Short for display file sytems. Command used to digplay file sytem summary infor- 
mation such as device, mount point, percentage used, and total capacity. 


du — Short for disk usage. Command used to display disk space used by a directory and 
each of its subdirectories. 


environment variables — Set of named values (name- value pairs) that provide informa 
tion to programs running in a user's environment. 

/etc/fstab — Configuration file that contains a file system table with devices, mount 
points, file system types, and options. U sed by the mount command. 


/etc/group — Configuration file in which group information (group names and mem- 
bership lists) is stored. 


/etc/passwd — Configuration file in which user account information is stored. 


/etc/shadow — Configuration file in which encrypted user passwords and password 
configuration data are stored. 


/etc/skel — Directory containing files that will be used to populate a new user's home 
directory at the time it is created. 


fdformat — Command used to format a floppy disk. 


fg — Command used to bring a job (process) running in a shell to the foreground so that 
the job controls the shell’s terminal window. 


file system — A collection of data, normally stored on a device such as a hard disk parti- 
tion, which can be accessed in Linux via the directory structure. 


group — A collection of user accounts that can be granted access to the system collectively. 
groupadd — Command used to add anew group to a Linux system. 

init — Linux process that initiates other key processes as the system is booting. 

jobs — Command used to list jobs (processes) started in the current shell environment. 


kill — Command used to send signals to processes, often to end them via a SIGTER M 
or SIGKILL signal. 
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Korn shell — A revison of the bash (or Bourne) shell that is popular on some U N IX 
systems and available in Linux as the Public Domain Korn shell, pdksh. 

mke2fs — Command used to format a device such as a hard disk partition with an ext2 
file sytem. 

mkfs — Command used to format devices using various file system types The ext2 
default type for Linux file systems can be indicated as an option. See also mke2fs. 

mkswap — Command used to format a partition as a swap space for the Linux kernel. 

mount — Command used to make a logical or physical device available as a file system in 
the Linux directory structure. 

mount point — T he place or path in the Linux directory structure where a file sytem is 
accessed. 

ps — Command used to obtain detailed information about processes running on Linux. 

root — Superuser account name in Linux. 

Shadow Password system — Security system used to restrict access to encrypted pass- 
word text. 

shell — A command-line interpreter, providing a command-line interface. 

signal — A message (one of a fixed set determined by the Linux kernel) that can be sent 
to any process and responded to according to how that program is written. 

su — (Short for substitute user.) Command used to take on the identity of a different 
user account. 

superuser — T he root user account, which has supervisory privileges throughout the 
Linux system. 

swapon — Command used by Linux initialization scripts to activate the swap partition 
defined in the /etc/fstab file 

symbolic link — A pointer in the file sytem to another file. 

thrashing — Excessve movement of processes between RAM and swap space, resulting 
in reduced system performance and excesive wear on the hard dix. 

touch — Command used to create an empty file or to update the access time of an 
exiging file. 

umount — Command used to unmount a file system that is accessble as part of the 
Linux directory structure. 

User Private Group — Security system that creates anew group containing one user 
when that user is first created. 

useradd — Command used to create (add) anew user account in Linux. 

usermod — Command used to modify or update an existing user account. 

virtual memory — M emory available to the Linux kernel for running programs but 
which is actually located on a hard disk. Data that the Linux kernel stores in virtual 
memory is placed in the swap file system, or swap space. 

wheel — Special system administrative group, not used officially in Linux. 
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REVIEW QUESTIONS 


1. Name two reasons why you shouldn't log in as root unless you are doing system 
administration work. 


2. A user's primary group can be a U ser Private Group. True or False? 
3. The /etc/passwd file does not contain which of the following fields 
a. The name of the user account 
b. The file privileges for the user 
c. The user's default shell 
d. A UID and GID for the user 


4, Explain the meaning of this line in the /etc/group file: 
webmasters:x:710:rthomas,cyang 


5. To create or change a password on any user account, the following is used: 
a. The useradd utility 
b. The file /etc/shadow with a text editor 
c. The passwd command 
d. The UID and GID of the user 


6. The useradd command can be used to modify or update account information. 
True or False? 


7. When you add a file to the /etc/skel directory, the file is automatically added to 
the home directory of all existing users True or False? 


8. A defines a string of text to be substituted whenever another 
gring of text is used on the command line. 


a. link 
b. substitution string 
c. alias 
d. symbolic link 
9. The Linux command used to format a Linux ext2 hard dix partition is 
a mke2fs 
b. fdisk 
C. fsck 
d. Linux does not use formatted partitions 


10. List two waysin which regular user accounts differ from nonstandard user accounts 
that are used only by Linux programs. 


11. If you enter a new pasword for a user account that can be easily guessed, the message 
BAD PASSWORD appears and the password is not updated. True or False? 


12. 


13. 


14. 


15. 
16. 


17. 


18. 


19. 
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Environment variables are used by nearly all users to: 

a. Provide system or user information to the programs that the user executes 
b. M ake it easier to use DO S commands in a Linux environment 

c. Track system resources used by each user 

d. R ecord environment information as users work with sytem administration tools 
Describe one Smple method of temporarily disabling a user account without using a 
graphical utility. 

A mounted file system is one that: 

a. Has been included as part of the Linux directory structure 

b. Has been correctly formatted for use in Linux 

c. Allows any user to run programs located on it 

d. Includes at least a root user account 

Describe the value of multiple virtual consoles in Linux. 

T he Shadow Password system enhances Linux security by: 

a. Validating members of the wheel group as they log in 

b. Hiding encrypted passwords in a file that only root can read 

c. Checking that new passwords entered for users are not easly guessed 

d. Stopping unauthorized users from accessing the root account 

W hich of the following is not a good way to create a new user account: 

a. Use the useradd command. 

b. Use the Linuxconf utility in R ed H & Linux. 

c. Add aline to /etc/passwd with appropriate information. 

d. Start the Shadow Password system. 

W hich of the following is not a valid reason to use aliases in a user's environment 
settings: 

a. They save processing time as commands are executed. 

b. They protect against accidental erasure of files. 

c. They correct typographical errors as you work. 

d. They make non-Linux commands behave in a familiar way. 

The af utility provides information about which one of the following: 

a. Which users have mounted the file system 

b. The virtual memory usage as stored on all mounted file sytems 

c. File system capacity, device name, and percentage used status 

d. Per- directory usage and file sytem mount point 
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20. Describe the actions of the defaults options in a configuration line of the 
/etc/fstab file. 


21. Which of the following is a valid alias command? 
a alias cp copy 
b. alias copy=cp 
C. alias DOS COPY to Linux cp 
d. export alias=copy,cp 


22. Describe the key advantage to having swap space located on a hard disk separate from 
the root Linux partition. 


23. List two reasons why a user account might need to be disabled. 


24. If you attempt to unmount a mounted file sytem and receive an error message, the 
most likely cause is: 


a. The file system was not mounted correctly in the first place. 

b. The a£ command isin the process of computing file system statistics. 

c. An error on the physcal media that Linux cannot interpret. 

d. One or more users are working in the file sytem. 
25. By starting multiple jobs in one command-line session, you can 

a. Conserve resources for each process you start 

b. Prevent the swap space from thrashing 

c. Manage those jobs with the jobs, fg, and bg commands 

d. Kill any unneeded process quickly 
26. Signals are used by the ki11 command to manage processes. True or False? 
27. Describe at least four fields of information provided by the command ps auxf. 


HANDS-ON PROJECTS 


À Project 8-1 


eise | In this project you will create anew group and a new user account using the groupadd 
and useradd commands Then you will update the user information on that account 
using usermod.To complete this project you need to have Linux installed. You should be 
at a Linux command-line prompt and have root access in order to perform these steps. 


1. Enter the following command: groupadd webmasters. his creates anew group 
named webmasters. 


2. Enter the following command: cat /etc/group. This displays the group file, with 
the new group in the last line of the output. 


Handgggin 
Project 
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. Enter the following useradd command: useradd -g webmasters -e 06/30/01 


-c "Hailey Mendez" hmendez. This creates anew user account with an expiration 
date, full name in the comment field, and primary group assignment. 


. Enter the following command: cat /etc/passwd.T his displays the user file 


(/etc/passwd), with the new user account information in the last line of the 
output. 


. Determine whether a home directory was created by the command in Step 3 by 


entering the following command: 1s /home/hmendez. If you see a list of files, the 
home directory was created in Step 3; if you see an error message, the home directory 
was not created. If the home directory was not created, create it with this command: 
mkdir /home/hmendez. 


. Set a password for the new user account using this command: passwd hmendez. 
. Enter a new password twice as prompted. 
. Change to the new user account using the following substitute user command: 


su - hmendez. (N ote that no password is required because you are logged in 
aS root.) 


. Enter the following command: alias.T his displays the aliases that are in effect for 


the new user. (N ote that this command displays your system's defaults, unless you have 
changed the configuration files.) 


10. Enter the following command: exit. As a result, you exit from acting as the new user 
and return to the root user account. 

11. N ow suppose you have been asked to change the login shell used by this user. Change 
the shell with the following usermod command: usermod -s /bin/tcsh 
hmendez. 

12. Enter the following command: cat /etc/passwd.T his displays the user file, where 
you can see the effect of the usermod command. Specifically, note /bin/tcsh in the 
last field of the line defining the hmendez account. 

Project 8-2 


In this activity you will explore how asgnal sent with the ki11 command affects aWeb 
server running on your Linux system. M ost Linux systems have an httpd daemon (aWeb 
server) that runs automatically after installation. You should have a completely installed 
Linux sytem to complete this task. Ideally, the Linux system should have a Web server 
installed by default. If you have not selected this installation option, you may be able to 
start aWeb server using the command httpd. Log in to Linux and open a command-line 
window to complete the steps that follow. 


1. Filter the ps command output through the grep command as follows ps aux | 


grep httpd.T his lists all of the Web server processes running on your computer. 
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2. Look at the output and notice the owner field on the far left (see Figure 8-5).W hy is 
one copy of httpd owned by root and the others owned by a user named nobody? 


remas aaO 
{| Eile Options 


Help 


[root@brighton roo 


oot 
nobody 1037 (O05 G2 S 0:00 httpd -f /etc/httpd/a 
nobody 1038 0.0 2.4 1384 (ealay ares ol alkaa 0:00 httpd -f /etc/httpd/a 
root S60. (020) 23) “1360 740 7? S 135528 0:00 httpd -f /etc/httpd/a 
root 1082 10502 20:29 916 308 pos 14:47 0:00 grep httpd 
oot 


[root@brighton roo 


Figure 8-5 Output from ps aux | grep httpd 


3. Use the same command again with the £ option, asfollows ps auxf | grep 
httpd. T his displays the parent-child relationship of the Web servers. You can see that 
the copy owned by root started the other copies. 


4. N ote the cart-time field (third field from the right) for each of the Web server daemons. 


5. Note the PID of theWeb server daemon owned by root. (The PID is the number 
nearest the far left column.) (The following steps will use the number 515, but you 
should replace this number with the PID that appears when you run the ps com- 
mand on your system.) 


6. Send a restart signal to the parent Web server process using the following kil1 com- 
mand: kill -HUP 515.T his sgnal causes the Web server to reread its configuration 
and restart all child processes. 


7. Use the following ps command again: ps aux | grep httpd. Notice the start- 
time field. All of the processes owned by nobody (the child processes of the main 
Web server daemon) have been restarted and have a new gart time. The main process 
owned by root does not have anew dart time. 


CASE PROJECTS 


1. You have been aked to help desgn the file systems to be used for a large new Linux 
system in your research lab.T he Linux system will support about 50 researchers who 
will log in each day to run scientific applications and access relevant Internet resources. 
The Linux system will also act as a news server, receiving about 1 GB of newsgroup 
messages each day over the Internet.A large database application runs on the Linux 
server to provide research data. As the sytem administrator, you expect to upgrade the 
Linux operating system about once per year; you will also maintain complete backups 
on awriteable CD-ROM drive. 
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Design a structure for the file system of the new Linux server, showing how you 
would set up partitions or separate hard disks and devices to accommodate each of the 
needs mentioned above. Prepare sample entries for an fstab file showing the options 
that you would likely use for each mounted file system. Include information about 
how you would configure the swap space on the devices you choose to us. 

. After using the system for several months, you notice that the df command shows 
that one file system is at more than 95% capacity. D escribe some steps you might take 
to remedy this problem. H ow would your actions vary depending on which of the 
file sytems was at 95%? 

. After running smoothly for about a year, one of the hard dixs fails. Fortunately, you 
have backups of all data. H ow does the file sytem arrangement that you have 
designed assist in getting the system running again? 


